Site Index | Privacy | Contact
HSDBC
Cyber & IT Infrastructure

The 9/10/11 Project: Cyber Security
Homeland Security & Defense Business Council
Are We Ready for the Day Before Tomorrow? Imagine it is September 10, 2011 - 9/10/11 - a full decade since the devastating terrorist attacks of September 11, 2001. Is our nation equipped for whatever catastrophe may happen tomorrow? How have our prevention, preparedness, response and resiliency structures changed, matured and become operational? The Homeland Security & Defense Business Council's 9/10/11 Project looks at how far the country has come since the day before 9/11/2001. Through fresh interviews with industry leaders the Council is seeking to vividly illustrate the strides our government at all levels, working with the private sector, has made to secure the country and to stay at least one step ahead of events and disasters that could destroy our way of life. On the 10th of each month through September 2011, the Council will provide a historical context for how far we have come and where we are now, as well as an assessment of the future of the most pressing homeland security issues. This monograph focuses on Cyber Security. Visit The 9/10/11 Project webpage.

The Cybersecurity Agenda: An Information Security Reality Check
Accenture
As fraudsters chip mercilessly away at the government's elastic perimeter, the nation's cyber infrastructure-and all the critical data it houses-lies at risk. The fear is well-founded. There are an estimated 3 million indications of malicious activity per year in civilian government networks. Some 40,000 cyber attacks occurred against the Department of Defense alone in the first half of 2009; and cyber criminals have absconded with over $100,000 from U.S. banks.  Legislation might help the President and U.S. government agencies get a better night's sleep, but a sound action plan, including situational awareness, is the way to get there-and ensure greater cybersecurity for all.

Mounting a Security Offensive to Counter Cyber Threats and Enable High Performance
Accenture
With almost every transaction now conducted over the Internet, organizations become more vulnerable to cyber intrusion. Automated tools have made it easier for hackers to generate attacks, creating a flood of noise that may distract organizations from discovering the most sophisticated attacks in a timely manner. This has become a senior management issue, not just a technical problem. Strong security practices are necessary to both defend the enterprise and enable the enterprise to operate innovative new processes without increasing risk. This paper offers five steps to guide a proactive, high-performance approach to cyber security.

The Road to Cyberpower
Booz Allen Hamilton
Cyberpower- the strategic employment of information and communications technologies to enable economic growth, empower society, and enhance security - has emerged as a key policy issue in the United States and around the world. Debates over net neutrality, "smart" energy grids, privacy, and Cybersecurity are all related issues associated with Cyberpower. Our challenges as a nation is that we historically have not thought of these issues in the larger context and, consequently, we risk making sub-optimal policy and budget decisions that could have cascading effects on other related cyber areas. The key questions before us are: Do we understand what Cyberpower actually is? Does the United States have a strategy for becoming a global cyber power? What role, if any, should the government play in driving a strategy? Can we articulate the goal we are striving for, align our efforts, measure success, and - equally important - chart the path for getting there?

Security Authorization: An Approach for Community Cloud Computing Environments
Booz Allen Hamilton
The objective of this paper is to provide an approach to performing assessment and authorization of cloud computing environments (CCE) in accordance with existing National Institute of Standards and Technology (NIST) guidance. Although the assessment and authorization approach described in this white paper can be adapted to all of the private, public, hybrid, and community cloud deployment models, the primary focus of this paper is providers and consumers of CCE services for civil agencies utilizing the community cloud deployment model. 

Putting Cloud Security in Perspective
Capgemini
There is growing acceptance that the cloud delivery model offers real business benefits, however, perceived security concerns threaten the general uptake of the cloud computing model. Many take the view that the cloud model is somehow inherently less secure than more traditional IT delivery models.This paper examines how organizations can take advantage of cloud-based services while managing risk responsibly.

THE SECURITY STACK: A Model For Understanding The Cybersecurity We Need 
CSC
This paper proposes a four-layer model called the "security stack" as a means both to visualize the complexity of cybersecurity problems and to see through to comprehensive, effective solutions.

Cyber Command and Control (Cyber - C2)
Deloitte
While it is important to develop secure products to defend and protect our cyber assets, it is just as important that the cyber space that is monitored systematically and even traces of cyber threats are tracked, analyzed and shared for effective actions against them. This paper describes an approach and a solution for Cyber Collaborative Situational Awareness and decision making to government agencies and the private sector entities that can implement it not only to protect their own digital assets but to also help in identifying, collaborating with national level cyber agencies and responding to cyber threats at the highest level.

Adapting To The Fiscal Climate Change in Government
HP
This paper examines how government CIOs can respond to the economic crisis.


Meeting the Cybersecurity Challenge: Empowering Stakeholders and Ensuring Coordination
IBM
Our economy, government and society increasingly rely on digital infrastructures to function. That reliance creates critical vulnerabilities to cyber threats posed by everything from hackers to organized crime, terrorists, espionage and warfare. As the nation strives to address these threats, it is important to realize that cyberspace is a complex system of systems. No one entity can solve the problem of cybersecurity. Cybersecurity poses a systemic challenge to society. Meeting the challenge requires shared responsibility, clear definition of roles and responsibilities, and good-faith cooperation and collaboration. IBM understands the broad range of cyber threats and the critical importance of cybersecurity. IBM’s approach to cybersecurity and risk mitigation explicitly addresses the multiple layers of IT— from system users to hardware, software, applications, network access, and data access. At the same time, IBM recognizes that cybersecurity is about much more than simply IT. Effective cybersecurity requires fostering a culture and governance model that reinforces shared ownership and accountability.

Justice and Public Safety: Fight Crime and Terrorism More Effectively
Oracle
Increasingly, government agencies are realizing that information technology provides a powerful weapon against crime. With more than 30 years of experience working on security issues, Oracle is the undisputed leader in helping justice and public safety organizations achieve their vital missions.

Collaborative Outcomes in the Public Sector: Processes and Architecture
SAP
Take an in-depth look at how the collaboration that takes place between government agencies can be codified and automated to improve public value - and preserve best practices as staff and employees move on. Learn how SAP's business process platform supports collaborative outcomes and protects existing investments in IT.

Homeland Security and Homeland Defense IT Solutions
Serco
Serco provides adaptable solutions to the Department of Homeland Security that help equip the federal government with the necessary resources to prepare for and combat continually evolving threats.

Cyber Security & Waiting for Godot
By Scott Weber, Partner at Patton Boggs and Council Senior Advisor
The continued and growing reliance on networked operations, wireless systems and the globalization of information make a cyber attack a growing concern for the private sector and government. Cyber attacks of computer systems and telecommunication networks are highly developed and increasingly used as a way to gain an advantage in the commercial sector, as well as a viable tool for terrorists seeking to cause economic destruction and ways to fund their operations.  As business trade secrets and customer information become more vulnerable, it is clear that the public can wait no longer for cyber security standards.

Cyber Warfare & the United States – A Call to Arms
By Scott Weber, Partner at Patton Boggs and Council Senior Advisor
U.S. Ambassador to the United Nations Susan Rice and the Obama Administration should press the United Nations to join the 21st century and address head on the issue of cyber warfare.  Article 51 of the U.N. Charter provides that a country has the right to engage in self-defense when it suffers an armed attack.  The extent of such a response is guided by the Geneva Conventions and their attendant protocols, which define, among other things, the ways that a war may be fought and the protection of individuals.  These protocols also provide measures that can be taken to prevent or end “grave breaches,” defined as “willful killing, torture or inhuman treatment . . . willfully causing great suffering . . . and extensive destruction and appropriation of property, not justified by military necessity and carried out unlawfully and wantonly.”  But what about cyber warfare?
 
copyright